package com.wms.ymcc.config;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.NoOpPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.provisioning.InMemoryUserDetailsManager;

/**
 * SpringSecurity配置类
 * @author 阿盛哟
 * @date 2025/5/29  15:05
 */
@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled=true)//  开启全局方法权限控制,同时支持
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    //配置认证管理器，授权模式为“poassword”时会用到   username  password
    @Bean
    public AuthenticationManager authenticationManager() throws Exception {
        return super.authenticationManager();
    }

//    @Autowired
//    private PermissionMapper permissionMapper;

    //提供用户信息，这里没有从数据库查询用户信息，在内存中模拟
  /*  @Bean
    public UserDetailsService userDetailsService(){
          return new UserDetailsServiceImpl();
    }*/


    //密码编码器：加密的
    @Bean
    public PasswordEncoder passwordEncoder(){
        // TODO   加密的(就用BCryptPasswordEncoder加密算法，已完成)
        return new BCryptPasswordEncoder();//安全的哈希加盐处理
    }

    //授权规则配置
    @Override
    protected void configure(HttpSecurity http) throws Exception {

        // 从数据库中查询所有权限信息 用web路径设置权限
        // List<Permission> permissions = permissionMapper.selectList(null);
      /*  for (Permission permission : permissions) {
            http.authorizeRequests().antMatchers(permission.getResource()).hasAuthority(permission.getSn());
        }*/
        http.authorizeRequests()                                //授权配置
                .antMatchers("/login","/login/common").permitAll()  //登录路径放行
                .anyRequest().authenticated()                   //其他路径都要认证之后才能访问
                .and().formLogin()                              //允许表单登录
                .successForwardUrl("/login/success")             // 设置登陆成功页
                //  /logout, 退出登录的请求。
                .and().logout().permitAll()                    //登出路径放行 /logout
                // 默认情况  开启的 跨域伪造检查
                .and().csrf().disable();                        //关闭跨域伪造检查
    }


    public static void main(String[] args) {
        BCryptPasswordEncoder bc = new BCryptPasswordEncoder();
        String encode1 = bc.encode("123");
        String encode2 = bc.encode("123");
        System.out.println(encode1);
        System.out.println(encode2);


        System.out.println(bc.matches("123", encode1));
        System.out.println(bc.matches("123", encode2));
    }
}